[squid-users] Secure basic authentication on Squid
Antony Stone
Antony.Stone at squid.open.source.it
Mon Dec 4 16:11:12 UTC 2017
On Monday 04 December 2017 at 17:06:03, Amos Jeffries wrote:
> On 05/12/17 04:49, Antony Stone wrote:
> > On Monday 04 December 2017 at 16:42:30, Colle Christophe wrote:
> >> Is there a solution to secure the "basic" authentication of squid? (with
> >> an SSL certificate for example).
> >
> > https://wiki.squid-cache.org/ConfigExamples/Authenticate/Ldap section
> > "SSL/TLS_adjustments"?
>
> That is only for securing the connection between Squid and the LDAP
> server. It does not affect the credentials themselves.
Right.
Since the original question stated that "the problem is that the password is
sent in clear (base64) and I am looking for a solution to secure it" I assumed
it was the transmission in the clear which needed to be secured.
Antony.
--
"It would appear we have reached the limits of what it is possible to achieve
with computer technology, although one should be careful with such statements;
they tend to sound pretty silly in five years."
- John von Neumann (1949)
Please reply to the list;
please *don't* CC me.
More information about the squid-users
mailing list